What are the four categories of Security Controls
Technical, Managerial, Operational, Physical
List the different types of security Controls
Preventative, Deterrent, Detective, Corrective, Compensating, Directive
What are the three core principles of the CIA triad
Confidentiality, Integrity, and Availability
Confidentiality
To prevent unauthorized access to information and data.
Integrity
Ensuring info is not altered by unauthorized entities
Availability
Authorized users have reliable and timely access to resources
What does AAA stand for in cybersecurity?
Authentication, Authorization and Accounting
Authentication
Proves who you are
Authorization
Decides what you’re allowed to do
Accounting
Records what you do
Zero Trust
An organization should not automatically trust anything inside or outside its perimeters and should verify everything connecting to its systems
What is network segmentation?
Dividing a network into smaller parts to improve security and performance.
OSI Model
A 7-layer framework that explains how data moves through a network
Please Do Not Throw Sausage Pizza Away
Application – User interface (web, email) (Layer 7)
Presentation – Formats/encrypts data
Session – Manages connections
Transport – Breaks data into segments (TCP/UDP)
Network – Routes data (IP addresses)
Data Link – Moves frames (MAC addresses)
Physical – Wires, signals, hardware. (Layer 1)
Honeypots
Are decoy systems designed to attract attackers
Honeyfiles
Decoy files used to lure attackers. Appear valuable.
Difference between full disk and file level encryption
Full-disk encryption encrypts the entire drive, including the OS and all files, protecting everything if the device is lost or stolen.
File-level encryption only encrypts specific files or folders, offering selective protection for sensitive data.
Difference between Database and Partition encryption
Database Encryption: Protects data inside a database (tables, records).
Keeps stored info safe even if the database file is stolen.
(Example: Transparent Data Encryption – TDE)
Partition Encryption: Encrypts an entire section of a drive (partition).
Protects all data types in that partition, not just database files.
What is Hardware Security Module (HSM)
device that stores and manages encryption keys. It performs cryptographic operations like encryption, decryption, and digital signing
What is a Trusted Platform Module (TPM)
A special security chip on the motherboard that stores encryption keys and protects system integrity. Helps with BitLocker and secure boot
Gap Analysis
A method to find the difference between the current state and the desired goal.
Gap analysis in security planning?
aids in security planning by finding weaknesses and areas needing help.
What does a switch do?
Connects multiple devices on the same local network and forwards data only to the device that needs it (using MAC addresses).
What does a router do?
Connects different networks together and directs data between them using IP addresses.
What is a server?
A powerful computer that provides resources or services (like files, websites, or email) to other devices (clients) on a network.
What is a network?
group of connected devices (like computers, servers, and routers) that share data and resources.
What is a LAN?
A network that connects devices in a small area like a home, school, or office.
What is a WAN?
A network that connects multiple LANs over large distances — like between cities or countries. (Internet)
What is RADIUS? (Remote Authentication Dial-In User Service)
is a protocol that authenticates, authorizes, and accounts users trying to access a network.
Protocol
set of rules that devices use to communicate and exchange data over a network.
Bollards
used to prevent vehicle access to certain areas
What is Access control vestibule, or mantrap
small, enclosed space with two sets of interlocking doors that acts as a secure entryway. Outer doors must be closed before inner doors can open.
What does video surveillance do in physical security
deters criminal activity and monitors premises.
What is non-repudiation
provides proof that a person cannot deny having performed an action, such as sending a message or signing a document. Achieved through use of a digital signature
Digital Signature
cryptographic way to verify who sent a message and that it hasn’t been changed.
Created with a private key, checked with a public key.
PKI (Public Key Infrastructure)
framework that creates, manages, and validates digital certificates and public/private keys to secure communications.
What is symmetric encryption?
Same key used to encrypt and decrypt. Fast, good for bulk data. (Example: AES)
What is asymmetric encryption?
Uses public + private key pair. Public key encrypts, private key decrypts. Good for key exchange and signatures. (Example: RSA, ECC)
What is obfuscation?
Deliberately making code/data hard to read to hide logic or deter reverse-engineering. Not true encryption.
What is steganography?
Hiding a message inside another file (image, audio) so its existence is concealed.
What is cryptography?
Science of securing information using algorithms for confidentiality, integrity, authenticity, and non-repudiation.
Allow List (whitelist)
only explicitly permitted items
Deny list (blacklist)
block specific items but allow the rest.
What is SIEM? (Security Information and Event Management)
collects, analyzes, and correlates logs/events to detect, alert on, and investigate security incidents.
What is certificate pinning?
Binding a service (like Google) to a specific certificate or public key so the client only accepts that exact certificate.
What is TLS (Transport Layer Security)
security protocol that makes websites use https:// instead of http://.
OCSP (Online Certificate Status Protocol)
a system that checks if a website’s certificate is still valid (hasn’t been revoked).
What is OCSP Stapling (or certificate stapling)
the server includes proof its certificate is still valid, saving time and protecting your privacy.
Hard Drive
physical storage device in a computer that stores the operating system, applications, and your files, like documents, photos, and music
RAID (Redundant Array of Independent Disks)
combine multiple hard drives to act like one big system for speed, redundancy (backup), or both. It’s mainly used on servers to protect data and improve performance.
Block Cipher
Encrypts data in fixed-size chunks (blocks) usually 128 bits at a time. Example: AES
Stream Cipher
Encrypts data one bit or byte at a time, like a steady stream. Example: RC4 (older, not used much now).
OSI Layer 7 - Application Layer
User-level software and network services (HTTP, FTP, DNS, SMTP).
OSI Layer 6 - Presentation
Formats and encrypts data for the application layer. Handles translation, encryption, compression. (Example: SSL/TLS)
OSI Layer 5 - Session
Manages connections between devices (start, maintain, end).
OSI Layer 4 - Transport
Controls data delivery — reliability, flow, and error checking.
OSI Layer 3 - Network
Handles routing and IP addressing.
OSI Layer 2 - Data Link
Moves data between devices on the same network. Uses MAC addresses. Devices: Switches.
OSI Layer 1 - Physical
Transmits raw bits over cables, Wi-Fi, or fiber. Devices: Hubs, cables, NICs.
NIC (Network Interface Controller)
hardware component that connects a computer to a network, allowing it to send and receive data